Add support for selecting scopes during IndieAuth's 'code' type
parent
0a202a215d
commit
06278935b6
3 changed files with 34 additions and 6 deletions
|
@ -3,13 +3,13 @@ from secrets import token_hex
|
|||
|
||||
|
||||
class IndieAuthCodeManager(models.Manager):
|
||||
def create_from_dict(self, d):
|
||||
def create_from_qdict(self, d):
|
||||
code = self.create(
|
||||
me=d['me'],
|
||||
client_id=d['client_id'],
|
||||
redirect_uri=d['redirect_uri'],
|
||||
response_type=d.get('response_type', 'id'),
|
||||
scope=d.get('scope', ''),
|
||||
scope=" ".join(d.getlist('scope')),
|
||||
)
|
||||
code.code = token_hex(32)
|
||||
return code
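Review bot: The scope values in `create_from_qdict` are joined with spaces straight from the submitted form, so a single posted value that itself contains a space is stored as several scopes, and empty values add stray separators. Filtering before the join keeps the stored string to one token per approved checkbox, e.g. `scope=" ".join(s for s in d.getlist('scope') if s and ' ' not in s),`. The method now needs an object that provides `getlist`, so a one-line docstring such as `"""Create a code from a Django QueryDict (e.g. request.POST); a plain dict will not work."""` would help callers. As far as this hunk shows, `me`, `client_id` and `redirect_uri` are still read with `d[...]`, so a missing field would surface as a key error rather than a 400 response.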
|
||||
|
|
|
@ -22,6 +22,18 @@
|
|||
|
||||
<div class="card-body">
|
||||
<p class="card-text">do you want to confirm your identity, <a class="code" href="{{ me }}">{{ me }}</a>, with this app?</p>
|
||||
{% if params.response_type == 'code' %}
|
||||
<p class="card-text">additionally, this app is requesting the following <i>scopes</i> - you can edit the scopes that will be granted to the app, if you wish</p>
|
||||
<div class="custom-controls-stacked card-text">
|
||||
{% for scope in scopes %}
|
||||
<label class="custom-control custom-checkbox">
|
||||
<input name="scope" type="checkbox" class="custom-control-input" checked value="{{ scope }}" />
|
||||
<span class="custom-control-indicator"></span>
|
||||
<span class="custom-control-description">{{ scope }}</span>
|
||||
</label>
|
||||
{% endfor %}
|
||||
</div>
|
||||
{% endif %}
|
||||
<p class="card-text"><small>you will be redirected to <a class="code" href="{{ params.redirect_uri }}">{{ params.redirect_uri }}</a> after authorising this app</small></p>
|
||||
</div>
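Review bot: The checkboxes only narrow the grant if `scope` reaches the server solely through them. The rest of the form is outside this hunk, but if it also carries the original `scope` request parameter as a hidden input, the server-side `getlist('scope')` would receive the full requested string alongside the ticked boxes and unticking a box would have no effect. It is worth confirming that any hidden-field loop over the request parameters skips `scope`. The `{{ scope }}` values originate from the client's request, so this block relies on template auto-escaping staying enabled; a short template comment such as `{# scope values are client-supplied; keep autoescape on #}` would record that.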
|
||||
|
||||
|
|
|
@ -62,6 +62,22 @@ class IndieView(TemplateView):
|
|||
content_type='text/plain',
|
||||
)
|
||||
|
||||
type = params['response_type']
|
||||
if type not in ('id', 'code'):
|
||||
return HttpResponseBadRequest(
|
||||
'unknown response_type: {0}'.format(type),
|
||||
content_type='text/plain'
|
||||
)
|
||||
|
||||
scopes = ()
|
||||
if type == 'code':
|
||||
if 'scope' not in params:
|
||||
return HttpResponseBadRequest(
|
||||
'scopes required for code type',
|
||||
content_type='text/plain',
|
||||
)
|
||||
scopes = params['scope'].split(' ')
|
||||
|
||||
client = mf2py.Parser(url=params['client_id'], html_parser='html5lib')
|
||||
rels = (client.to_dict()['rel-urls']
|
||||
.get(params['redirect_uri'], {})
|
||||
|
@ -78,6 +94,7 @@ class IndieView(TemplateView):
|
|||
'me': me,
|
||||
'verified': verified,
|
||||
'params': params,
|
||||
'scopes': scopes,
|
||||
'title': 'indieauth',
|
||||
}
|
||||
|
||||
|
@ -112,10 +129,9 @@ class IndieView(TemplateView):
|
|||
@login_required
|
||||
@require_POST
|
||||
def approve(request):
|
||||
post = request.POST.dict()
|
||||
code = IndieAuthCode.objects.create_from_dict(post)
|
||||
code = IndieAuthCode.objects.create_from_qdict(request.POST)
|
||||
code.save()
|
||||
params = {'code': code.code, 'me': code.me}
|
||||
if 'state' in post:
|
||||
params['state'] = post['state']
|
||||
if 'state' in request.POST:
|
||||
params['state'] = request.POST['state']
|
||||
return redirect(code.redirect_uri + '?' + urlencode(params))
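Review bot: `approve` stores whatever `scope` values arrive in the POST body, and nothing in the visible lines checks them against the scopes that the GET handler parsed and showed on the consent page, so the stored grant can differ from what was displayed (scopes that were never requested, or none at all for a `code` request). Keeping the validated request (requested scopes, `client_id`, `redirect_uri`) server-side, for example in the session, and rejecting a POST whose scopes are not a subset of it would tie the grant to the request the user actually reviewed. At minimum the POST path could mirror the GET rule before the code is created: `if request.POST.get('response_type') == 'code' and not request.POST.getlist('scope'): return HttpResponseBadRequest('scopes required for code type', content_type='text/plain')`. In the earlier hunk, `params['scope'].split(' ')` yields empty entries when the value contains repeated spaces; `params['scope'].split()` avoids rendering blank checkboxes. The GET handler's body starts and ends outside the hunks shown.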
|
||||
|
|